CompassOne by Blackpoint Cyber vs Netsurion comparison

CompassOne by Blackpoint Cyber

Read 24 Netsurion reviews

2,006 Views
1,063 Comparison Views

92% willing to recommend

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Dec 14, 2025

CompassOne by Blackpoint Cyber and Netsurion are two cybersecurity products competing in the market. CompassOne has an edge in affordability and customer support, appealing to those with budget concerns, whereas Netsurion is favored for its advanced feature set, which attracts enterprises needing comprehensive capabilities.

Features: CompassOne provides real-time threat detection and response, focusing on proactive security measures. Netsurion offers in-depth network analytics, advanced threat intelligence, and its expansive suite is tailored for organizations requiring extensive protection.

Room for Improvement: CompassOne could enhance its network analytics capabilities and expand its threat intelligence features. It might also work on offering deeper integration options with third-party tools. Netsurion can improve on cost-effectiveness to match budget-conscious buyers and streamline its deployment processes. They might explore simplifying some advanced features for users less familiar with complex setups.

Ease of Deployment and Customer Service: CompassOne is known for its quick deployment and responsive support, making it easy to integrate into existing IT infrastructures. Netsurion provides flexible deployment models accompanied by robust customer support, offering versatility to suit various business needs.

Pricing and ROI: CompassOne has competitive setup costs, offering good ROI that emphasizes value. Netsurion, while more expensive, justifies the cost with a significant ROI for larger organizations due to its extensive features. The choice between them involves balancing budget limits against the need for advanced functionality, with Netsurion being attractive to enterprises prioritizing comprehensive cybersecurity solutions.

To learn more, read our detailed CompassOne by Blackpoint Cyber vs. Netsurion Report (Updated: January 2026).

CompassOne by Blackpoint Cyber vs. Netsurion

Download the complete report

Helped 881,707 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

CompassOne by Blackpoint Cyber

Ranking in Security Information and Event Management (SIEM)

37th

Ranking in Managed Detection and Response (MDR)

10th

Average Rating

9.0

Reviews Sentiment

7.8

Number of Reviews

Ranking in other categories

Vulnerability Management (44th), Endpoint Detection and Response (EDR) (35th), Application Control (10th)

Netsurion

Ranking in Security Information and Event Management (SIEM)

54th

Ranking in Managed Detection and Response (MDR)

39th

Average Rating

8.4

Reviews Sentiment

7.1

Number of Reviews

Ranking in other categories

Managed Security Services Providers (MSSP) (33rd), SOC as a Service (14th), Extended Detection and Response (XDR) (47th)

Mindshare comparison

As of February 2026, in the Security Information and Event Management (SIEM) category, the mindshare of CompassOne by Blackpoint Cyber is 0.4%, up from 0.1% compared to the previous year. The mindshare of Netsurion is 0.7%, up from 0.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Security Information and Event Management (SIEM) Market Share Distribution
Product	Market Share (%)
CompassOne by Blackpoint Cyber	0.4%
Netsurion	0.7%
Other	98.9%

Security Information and Event Management (SIEM)

Featured Reviews

Gary Herbstman

Owner at Byte Solutions Inc.

Experienced reduced alert fatigue with streamlined notifications

We use Blackpoint Cyber MDR for our higher-end clients who need a higher level of control over security I appreciate that there are people behind the scenes sorting out valuable alerts from those that are not, so I only get alerts when they are real. This feature ensures that I am notified only…

Read full review

John-Berry

Information Technology Manager at ProfitSolv

The SOC center monitors, hunts, and notifies us of threats around the clock

I know they are working to resolve this issue, but Netsurion is currently unable to retrieve logs from S3 buckets. We use WP Engine for a lot of web hosting as well as AWS, and both of these platforms use S3 buckets. I would like Netsurion to be able to pull logs from Linux devices. We have some of that capability, and I believe they can do it. However, the way it works with Amazon is strange and glitchy. Therefore, working something out with Amazon would be great. Netsurion's SOC can be a bit too aggressive at times. We have asked them to adjust their playbook because I am tired of being notified about the same issue multiple times a day. I am aware of the issue, and it is not a cause for concern. Let's only take action on this issue if we see an actual problem.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"On a scale from one to ten, I would rate the overall solution as a ten."

"The solution also watches over Microsoft 365 and keeps a copy of logs."

"On my end, the most valuable feature of this solution is that I can install it and forget about it. After that, their SOC team takes over and they only call me when there's a problem."

"The solution is all encompassing and can incorporate email monitoring."

"Their SOC is phenomenal in not monitoring and responding and taking action."

"I appreciate that there are people behind the scenes sorting out valuable alerts from those that are not, so I only get alerts when they are real."

"What I like most about Netsurion is the level of visibility and reporting."

"The real-time alerting for things such as people getting dropped into a VPN group or the domain admin group — things like that which really shouldn't happen without proper change management, but we all know the reality, they do from time to time — gives me real-time visibility into what's going on."

"The network alert is the most valuable feature. That way, we in the IT department are aware of user lockout and invalid password attempts way before a user ever even calls in."

"When it comes to threat detection and response, it does a very good job detecting and blocking on its own. And the SOC is a nice added value because they're doing analysis on things that aren't as obvious, on things that you can't just detect with a signature or behavior. Also, any SIEM will come with a lot of noise, so having them do a lot of the initial analysis to find out what's critical and what issues are false alarms is very good."

"If we need to do a search for user lockouts, we can go, search, and find locations where they have been locked out, then keep track of those events, historically."

"There are a host of things that are most valuable. Obviously monitoring our environment and reporting out different events is important. They perform a suite of services. They monitor all of our servers, all of our key infrastructure, like our DNS, our switches, all that stuff. They aggregate and correlate that quarterly. They'll tell us if we're getting a lot of login failures and something is going on or if something's weird."

"I think Netsurion scales well. We've gone from a small number of agents up to thousands. So I would imagine that it would continue to scale. I don't see any issue with that."

"They have what they call Elasticsearch which is very quick, although that's only available for the last seven days' worth of data. It used to be that, if I wanted to do a search from three days ago, it might take me 10 to 15 minutes because it had to actually unzip some archive files. So I really like that feature. It's almost instantaneous for anything within the last seven days."

More Netsurion pros

Cons

"Some texts seem to report items as normal too quickly."

"While I am very satisfied with the service, supporting additional platforms, particularly Linux support, would be a beneficial improvement."

"The interface could be more intuitive."

"The solution does not tie into other EDR products like CyberArk or CrowdStrike but that might be more useful."

"The interface could be more intuitive. More transparency is needed in the interface as a lot of details are hidden behind the scenes, making them difficult or impossible to access."

"The feature we keep asking for is a vulnerability scan."

"There are some issues with searches taking a long period of time, but they assured me that they have implemented a new search function that's available in version 9, but which requires a solid-state hard drive... Depending on how many logs you have it could take a long time to return the results if you're looking back prior to the last 30 days."

"Communication is always something that can be improved, but I feel that any time we've had a communication issue, it's quickly addressed when we bring those up at the monthly meetings. Usually, it's an individual that wasn't clear in the communication, it's not the process per se. You always have to be able to segregate if the process didn't work or an individual either didn't say the right thing or my people didn't understand what they were being told."

"There's always room to improve because there would be no competition if they had a perfect solution. The GUI to perform searches within the product may not be intuitive to a new user."

"They have their programs and tools that you have to put into your own environment. We basically ingest all the log data and then push it out to them. I wish it was a little bit different than that where we just push directly towards them. I do not know if that is a function that they thought would be better in terms of security, but I wish that instead of doing that, it should go from the device to them and not from the device to another system and then out to them. There seem to be some drawbacks to doing that."

"The agents on the endpoints seem to fail quite a bit, requiring manual involvement from the local administrators. I would like to see their product be much more ad hoc and update automatically."

"Everything that I've wanted has been added in. EDR was added, and MITRE was added. Those were two big ones that we didn't even have to push for."

"The weekly reporting could use some improvement. For example, when we handed them our landscape document, it took longer than I would have liked for those details to become noticeable within the reports."

"With version 8, there are quite a few things. The query tool was one of the big ones, and the query speed was one of the big ones, but they've made some great strides between versions 8 and 9. There were also issues in version 8 around the ability to get the data back out. It's one thing to collect data, but it's a whole other thing to be able to present it or run it in a timely manner. The old tool, depending on how far back I was looking, might even time out and I would have to run it again."

More Netsurion cons

Pricing and Cost Advice

"The pricing is in line with other products."

"The pricing is reasonable."

"Our pricing for Netsurion last year was US $52,000 per year."

"EventTracker's subscription-based model is interesting as far as yearly license type stuff. It's nice because you know what it's going to be next year. We haven't really looked at any other solutions. The pricing at the time compared to the other solutions was a lot less. A couple of years ago, we actually looked at Splunk. The amount in Splunk's licensing model is based on 20 gigs a day, or something like that. Based on our number of logs and stuff that we were already generating, the costs would be substantially more for the amount of logs that we would be getting."

"Netsurion's pricing is competitive. At the same time, they're the only ones who do what we want to do the way we want it. I can't say we would've paid more, but we would've had to have come up with our own solution if they weren't providing that."

"Netsurion's pricing is extremely fair and flexible. The price of their SIEM product is reasonable, and you can pay for those services you want on top of that. It wasn't cheap, but it's competitive, and we intend to renew our contract."

"We have seen time and cost savings. It prevents us from having to hire specialized people for this type of work. We would need to hire six staff members to accommodate the same service."

"When we first got the EventTracker product, we were using SIEM Simplified. At the time they didn't call it that, but it was more of a service thing. So, there was a bit more hand-holding and getting stuff set up, along with failure reports, that they did during the first one to two years. Then, we decided that the the additional money to have someone do these daily reports wasn't terribly useful, so we discontinued that service."

"Licensing is very easy. Our CIO takes care of the billing, but in terms of price point, he hasn't complained, so it must be good."

"Our budget follows the calendar year. We just started a new budget year at the beginning of the month. We did budget for an increase in our threat management system selection. Therefore, we have the budget to implement and accommodate a threat management system change, including an increase for the quoted actions that we received to improve EventTracker. We are just waiting on our council to approve that budget, which might not be for a little while. Hopefully, when they do, we will be able to jump on doing something."

More Netsurion pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See recommendations

881,707 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

12%

Healthcare Company

Retailer

Comms Service Provider

Performing Arts

16%

Manufacturing Company

Outsourcing Company

Retailer

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

By reviewers
Company Size	Count
Small Business	10
Midsize Enterprise	7
Large Enterprise	7

Questions from the Community

What is your experience regarding pricing and costs for Blackpoint Cyber MDR?

The pricing is great considering what we are receiving.

See all answers

What needs improvement with Blackpoint Cyber MDR?

While I am very satisfied with the service, supporting additional platforms, particularly Linux support, would be a beneficial improvement.

See all answers

What is your primary use case for Blackpoint Cyber MDR?

The solution serves as a baseline security offering. We have implemented it for every client that we do business with.

See all answers

Ask a question

Earn 20 points

Comparisons

Huntress Managed EDR vs CompassOne by Blackpoint Cyber

Compared 23% of the time

CrowdStrike Falcon Complete MDR vs CompassOne by Blackpoint Cyber

Compared 8% of the time

Adlumin Security Operations vs CompassOne by Blackpoint Cyber

Compared 7% of the time

SentinelOne Vigilance vs CompassOne by Blackpoint Cyber

Compared 6% of the time

Field Effect MDR vs CompassOne by Blackpoint Cyber

Compared 5% of the time

More CompassOne by Blackpoint Cyber Competitors

Legato Security vs Netsurion

Compared 8% of the time

IBM Security QRadar vs Netsurion

Compared 7% of the time

Rapid7 InsightIDR vs Netsurion

Compared 7% of the time

GoSecure Titan Platform vs Netsurion

Compared 6% of the time

Sumo Logic Security vs Netsurion

Compared 5% of the time

More Netsurion Competitors

Product Reports

Managed Detection and Response (MDR)

Download CompassOne by Blackpoint Cyber product report

Download Netsurion product report

Also Known As

Blackpoint Cyber Managed Detection + Response, Blackpoint Cyber Managed Detection and Response

Netsurion Managed Threat Protection, Netsurion EventTracker

Overview

CompassOne by Blackpoint Cyber delivers comprehensive MDR capabilities, offering SLA-driven alert notifications, in-depth network discovery, and Microsoft 365 log preservation. Its SOC team efficiently manages monitoring tasks, ensuring genuine threats are prioritized and distractions minimized.

CompassOne enhances cybersecurity by offering email monitoring, app control, and effective threat identification, preventing incidents like a compromised device affecting corporate networks. While prompt in threat reporting, a need exists for detailed analysis and vulnerability scanning. Users seek integration with platforms such as CyberArk and CrowdStrike and support for Linux systems. The platform strengthens security through alert monitoring, virus prevention, account takeover prevention, and establishing a security baseline for both organizational and lab environments, with up to half of an organization's staff utilizing it and expansion plans in progress.

What are the key features of CompassOne?

SLA Notifications: Provides timely alerts to ensure swift threat response.
Network Discovery: Offers detailed insight into local networks.
Microsoft 365 Log Preservation: Maintains extensive records for compliance.
Email Monitoring and App Control: Detects and blocks suspicious activities efficiently.
Threat Prioritization: Minimizes distractions by focusing on genuine threats.

What benefits should users expect from CompassOne?

Efficient Monitoring: Relieves teams by offloading monitoring tasks to expert SOC teams.
Threat Mitigation: Protects against device compromise and secures networks.
Comprehensive Security: Extends capabilities through email and application vigilance.
Strategic Deployment: Adaptable for both enterprise and lab environments.

In sectors where security monitoring is crucial, CompassOne is implemented to observe computers, servers, and Office 365 environments, mitigating risks thoughtfully and efficiently. Companies engage its robust MDR functionalities to fend off viruses and account breaches while leveraging its security implementation services for a foundational security setup.

Blackpoint Cyber

Netsurion offers robust SIEM capabilities enhanced by managed services, facilitating efficient threat identification and response with real-time alerts and comprehensive reporting.

Netsurion stands out for its integration of SIEM, IDS, and vulnerability management. Its real-time threat alerts and dashboards enhance user response capabilities. With centralized logging from Windows, Linux, Cisco devices, firewalls, and Active Directory, Netsurion enables effective compliance support for HIPAA and PCI standards. Managed Threat Protection with the embedded MITRE ATT&CK Framework enhances threat intelligence, while its evolving interface aims to improve user interactions. However, some users find deployment and searching challenging, pointing to areas for improvement.

What are Netsurion's key features?

SIEM Capabilities: Efficient threat identification using real-time alerts and dashboards.
Managed Services: Provides remote monitoring and advisory support.
Comprehensive Reporting: Assists in compliance and actionable insights.
MITRE ATT&CK Framework: Enhances threat intelligence and management.
Seamless Integration: Works with existing systems for streamlined operations.

What benefits should users consider in reviews?

Threat Response Tool: Rapid identification and response to security incidents.
Usability: Efforts to evolve and simplify user interactions.
Operational Efficiency: Streamlined processes through integration and managed services.
Compliance Support: Assistance with industry standards like HIPAA and PCI.

Netsurion is frequently implemented in industries requiring comprehensive security monitoring and compliance, such as healthcare and finance. It aids businesses in consolidating security efforts, offering insights into user activities and system changes, an asset for companies lacking substantial internal resources.

Sample Customers

CoreRecon, Peerless Tech Solutions, Lorien Health

The Salvation Army, The FRESH Market, Pacific Western Bank, NASA, American Academy of Orthopaedic Surgeons (AAOS), and Talbot’s Stores

CompassOne by Blackpoint Cyber vs. Netsurion